This will be the first part of the series discussing Amazon CloudFront. Amazon CloudFront is a web service that allows web content distribution. The web content can be static or dynamic like .php or .html pages or image files.

VMware Training – Resources (Intense)

In the first part of the series we will:

Discuss CloudFront introductory notions

Discuss how to configure CloudFront to deliver the content to users

Discuss how CloudFront delivers the content to users

Configure a CloudFront distribution

CloudFront is using a network data centers called edge locations to deliver the content. Because edge locations are used, the content is delivered to the users at a higher speed. Whenever a user is requesting content that you are providing through CloudFront, the user is being served from the closest edge location. The closest edge location is determined based on the time delay. The lower the time delay, the closer the edge location is. If the content requested is already in that edge location (another user requested the same content previously), then the content is delivered immediately. If the content is not present in that edge location, then the content is retrieved from the origin servers.

Let’s see what the high-level view steps are to configure CloudFront to deliver the content to the users.

First, the origin servers are configured. Origin servers are the source from which the edge locations are retrieving the content to be distributed. The origin server has the original data. If the content is being delivered over HTTP, then the origin server can be an Amazon S3 bucket or a HTTP server. If the content is being delivered using Adobe Media Server RTMP protocol, then the origin server cannot be anything else than an Amazon S3 bucket.

Secondly, the files are uploaded to the origin server. The files can be anything that can be delivered through HTTP or a supported version of Adobe RTMP. If an Amazon S3 bucket is used as the origin server, then those files can be accessed if the CloudFront link is known. The objects from the Amazon S3 bucket must be made public.

Thirdly, a CloudFront distribution is created. Basically, the only input required during distribution creation is the origin server location that will be used as a serving point for the content requested by the users. There are other details that can be adjusted during distribution creation, but it’s not necessary unless you want to do some tweaking.

Fourthly, CloudFront sends the distribution configuration to all the edge locations from where the content might be served to the users.

Fifthly, the content is accessed using the URL returned by CloudFront. The URL is formed from 14 random alpha-numeric characters followed by cloudfront.net. It is something similar to 1234567abcdefg.cloudfront.net. If you have a file in your Amazon S3 bucket, then you can use the URL returned by CloudFront followed by the /. Something similar to 1234567abcdefg.cloudfront.net/file.

Let’s continue with how CloudFront delivers the content to the users.

Firstly, the user is requesting an object. The user is doing this by accessing the URL that CloudFront provided.

Secondly, DNS is resolving the request and it is routing the request to the CloudFront edge location that is closest to the user.

Thirdly, once the request arrived at that edge location, CloudFront checks if the content is in the cache. If it is, then the files are sent right away to the user. If the files are not in the cache, then this process follows: CloudFront sends the request for the file to the origin server. The origin server sends the file to the CloudFront edge location. From the moment the first byte is received from the origin server by CloudFront, the file is being sent to the user. In parallel, the file is being added in the cache by CloudFront to speed up content delivery when the same file will be requested next time.

Fourthly, in cases that the file was in the cache for 24 hours (default timer) or whatever timer has been set for cache life, then CloudFront is following this process: the next request is sent to the origin server to find out if the file version from the origin server is the same as the one from the edge location. If the same version is in both locations, then the file is served to the user from the edge location. In case there is a mismatch between the versions of the two locations, the origin server sends the latest version of the file that is then served to the user and stored in cache.

So let’s go back and follow the process to configure CloudFront to deliver content.

I created an Amazon S3 bucket and added two files. You must remember that the files have to be public in order to be accessible by CloudFront.

index.html has this content. Basically it is embedding the image file that is also in the same S3 bucket.

From the AWS Management Console, select “CloudFront” to start the process of creating the distribution. The first step will be to select the delivery method. The two ones are “Web” and “RTMP”. We will focus now on “Web”. Select “Get Started”:

On the next step, you will be presented with multiple sub-sections with details that can be changed. For the simplest test, we need only to work on “Origin Settings”. On the “Origin Domain Name” you will need to specify what will you use as origin server. Because I previously created the S3 bucket, it will show up so I can select it:

The “Origin ID” has been created automatically after I selected the S3 bucket:

This is the second section of the distribution configuration options and we will leave everything as it is.

The last section is “Distribution Settings” and we can leave it as well as it is. Click on “Create Distribution” to move further.

You will see that the new distribution was created and the state is “Enabled” and the status is “In Progress”. The highlighted link is the URL that can be used to access the content.

In about 15-20 minutes, the distribution will be in “Deployed” status and that means it can be used.

So let’s test if we can retrieve the files from the edge locations. We had two files in the S3 bucket: index.html and image.jpg. They can be referenced using these links: dtj4m7p93mot1.cloudfront.net/index.html and dtj4m7p93mot1.cloudfront.net/image.jpg. Let’s start with the first one:

And the second one:

So our CloudFront distribution is working as expected. We reached the end of the first part of the series.

In this part we discussed what CloudFront is, what are the logical steps to configure CloudFront, how the content is delivered to the user and in the end we actually configured CloudFront using AWS Management Console.

As you saw, we barely touched the options that you have during CloudFront distribution creation process. We will discuss most of them in the second part of the series.

Paris Arau is a network engineer with extensive knowledge of Cisco and Juniper routing and switching platforms. He is CCIE R&S and dual JNCIE(SP and ENT). With a strong service provider and enterprise background, he is working on a daily basis with cutting-edge technologies. He also writes about routing and switching technologies, cloud computing, virtualization at his personal blog, http://nextheader.net.

About Intense

Intense School has been providing accelerated IT training and certification for over 12 years to more than 45,000 IT and Information Security professionals worldwide. Come see why we have the highest pass rates in the industry!

Join our newsletter

File download

First Name

Last Name

Work Phone Number

Work Email Address

Job Title

How will you fund your training?

Why Take This Training?

What is your timeline for training?

InfoSec institute respects your privacy and will never use your personal information for anything other than to notify you of your requested course pricing. We will never sell your information to third parties. You will not be spammed.

Comments

What is Skillset?

Skillset

Practice tests & assessments.

Practice for certification success with the Skillset library of over 100,000 practice test questions. We analyze your responses and can determine when you are ready to sit for the test. Along your journey to exam readiness, we will:

1. Determine which required skills your knowledge is sufficient
2. Which required skills you need to work on
3. Recommend specific skills to practice on next
4. Track your progress towards a certification exam